I recently read “Viewpoint: IoT and the cybersecurity industry’s hardware blind spot” by Shahram Mossayebi. It is well-written and informative. Although the Hardware Root of Trust (HRoT) based upon immutable device identity, as discussed in this article, may be essential, I don’t think it is the complete solution for the security of IoT devices. It does nothing about stack overflows, buffer overflows, etc. HRoT is akin to installing steel outside doors with stronger locks. I think that effective device security begins with the assumption that the cybercriminal is already inside – whether he got in by bribing the night watchman, posing as a security expert for a small OEM, or whatever, makes no difference. People are clever. If the reward is big enough, a criminal will find a way in.
Also, secure coding, alone, is not sufficient, because there are not enough embedded programmers to fix the more than 400 software CWEs (Common Weakness Enumerations) found so far, and counting. In fact, this appears to be a losing battle because the hackers are rapidly inventing new vulnerabilities.
I believe that isolated partitions are the most practical solution to the device security problem. They are akin to installing a steel door with a strong lock in every room and corridor in a castle, so no matter which of Shahram’s ten open windows the hacker came through, he is still locked out. Even if the hacker brought a welding torch to cut through the room’s steel door, he finds himself in another locked room and no closer to the Crown Room where the gold and jewels are stored. Meanwhile, an alarm has been sounded and the castle guards are coming!
Isolated partitions are not a perfect solution, but I think they reduce the attack surface by orders of magnitude, thus allowing our embedded programmers to be deployed where their secure coding skills will have the greatest benefit. For more on isolated partitioning, see “Achieving Device Security”.
Copyright © 2022 Micro Digital, Inc. All rights reserved.